← voltar
CVE-2005-3883

CVE-2005-3883

EPSS 3.1%
CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.aschttp://bugs.php.net/bug.php?id=35307http://rhn.redhat.com/errata/RHSA-2006-0276.htmlhttp://secunia.com/advisories/17763http://secunia.com/advisories/18054http://secunia.com/advisories/18198http://secunia.com/advisories/19832http://secunia.com/advisories/20210http://secunia.com/advisories/20951http://securitytracker.com/id?1015296https://exchange.xforce.ibmcloud.com/vulnerabilities/23270https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10332